This guide describes how to connect Rapid7 to Workbench and add Rapid7 console access.
Step 1: Get the API Credentials from Rapid7 VM
An organization API key allows access to InsightVM product APIs, and can only be generated by administrators.
-
Log in to the customer’s Rapid7 console as an administrator.
-
In Insight Platform, select Home.
-
Select API Key Management.
-
Select Organization Keys.
-
On the Organization Keys screen, select Generate New Organization Key.
-
Enter your organization name.
-
In the ExpelAPI field, enter the Expel API key.
We suggest
ExpelAPI
. -
Generate the key by selecting Submit.
A window opens to display the generated key.
Note
Note the key for later use in Workbench. You can't retrieve the key after you close the window.
-
Step 2: Add a Rapid7 InsightVM Console User
Expel's device health team uses console access to investigate potential health issues with your tech. Having access to the interface of your technology allows Expel to dig deeper during incident investigation and supports programmatic vulnerability scanning (i.e. scan details, tagging, asset types, exceptions, and other features).
To be able to access the Rapid7 console, add a new user.
-
In Insight Platform, select Settings > User Management.
-
Select Add User.
-
In the Email field, enter
soc+<Your_Organization_Name>@expel.io
.
Note
Yes, the "+" sign is part of the email address, and it's important. Click here to find out why. -
In the First Name field, enter
SOC
. -
In the Last Name field, enter
Expel
. -
In the Time Zone field, select UTC.
-
In Product Roles, select Admin.
-
Select Submit. The user is now added to InsightOps, which generates an email to the SOC team to activate the account.
Step 3: Add Rapid7 API Credentials to Workbench
You can now add Rapid7 InsightVM to Workbench.
-
Log in to https://workbench.expel.io.
-
Navigate to Organization Settings > Security devices.
-
Select +Add security device.
-
Search for and select Rapid7 InsightVM.
Note
If you don't see the Rapid7 InsightVM Scanner in Workbench as an integration, then an Expel customer support engineer must set the connection by using the API information provided by the client.
-
Complete the Add Security Device form:
-
Name - enter the name of the device.
-
Location - enter the location of the device.
-
API Key - provide the key that was generated in Step 1.
-
Region - enter the location of Rapid7.
-
-
Set up the console:
-
In the How will you access the console field, select Set up now (recommended).
-
In the Console URL field, enter
https://insight.rapid7.com
. -
In the Username field, enter
soc+<Your_Organization_Name>@expel.io
.
-
-
Select Save.